Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/S1XjTxghHPmFgDjPsq25cHofECk.roa
File: S1XjTxghHPmFgDjPsq25cHofECk.roa (raw, json)
Hash identifier: lC6NRTvoz6DkYsIzwP5B0dKHRqnvJHJbX3IkkO/UMbk=
Subject key identifier: 4B:55:E3:4F:18:21:1C:F9:85:80:38:CF:B2:AD:B9:70:7A:1F:10:29
Certificate issuer: /CN=397245d0492eede59b045b5be1fd4eb9161bc417
Certificate serial: 01856F3015803B4A67D6EA4CB9D452FC33BC
Authority key identifier: 39:72:45:D0:49:2E:ED:E5:9B:04:5B:5B:E1:FD:4E:B9:16:1B:C4:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXJF0Eku7eWbBFtb4f1OuRYbxBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/S1XjTxghHPmFgDjPsq25cHofECk.roa
Signing time: Sun 01 Jan 2023 21:15:00 +0000
ROA not before: Sun 01 Jan 2023 21:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133861
IP address blocks: 193.134.209.0/24 maxlen: 24
193.134.211.0/24 maxlen: 24
193.134.208.0/24 maxlen: 24
193.134.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:15:80:3b:4a:67:d6:ea:4c:b9:d4:52:fc:33:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397245d0492eede59b045b5be1fd4eb9161bc417
Validity
Not Before: Jan 1 21:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b55e34f18211cf9858038cfb2adb9707a1f1029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:64:65:7b:f8:e3:6e:29:62:21:39:f9:17:
28:d4:f5:ee:7f:72:2d:19:36:a1:c2:5a:26:b7:67:
c9:64:a9:53:0a:c3:43:52:36:47:5d:bc:98:27:db:
4f:b7:b9:a2:64:00:50:78:22:aa:69:e5:a3:b2:db:
da:a1:6c:b7:85:13:71:06:44:b1:dc:af:2a:48:ee:
5a:b6:73:1b:98:2e:bf:65:cd:57:43:76:33:8a:b1:
93:19:e0:e6:0c:1d:0a:5f:c0:cc:7e:69:6c:07:c4:
2e:d0:de:1a:59:1b:36:26:8f:bc:e9:28:ac:81:74:
9e:f7:44:b8:fc:d2:2f:64:b5:40:06:31:f6:5b:7b:
7e:27:b6:df:47:d7:19:87:86:e9:3f:e1:fd:da:dd:
70:df:d4:95:7c:da:0d:84:c3:48:2c:21:4c:30:cd:
bb:f0:d9:7c:22:17:8b:a2:ee:c1:e2:4f:b9:6a:85:
c8:d8:9d:f3:d0:45:45:00:58:8f:4b:08:9c:ea:6d:
8e:ae:8d:be:a8:0d:13:04:8b:fa:18:94:3d:b3:c0:
8d:c9:55:f1:45:89:f7:59:50:ec:fb:0b:d0:13:18:
04:65:b9:dd:8b:8b:d4:87:4d:a0:57:d3:5b:54:d1:
5a:b1:dc:2c:34:b7:bf:35:ec:cf:95:77:0b:a6:93:
26:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:55:E3:4F:18:21:1C:F9:85:80:38:CF:B2:AD:B9:70:7A:1F:10:29
X509v3 Authority Key Identifier:
keyid:39:72:45:D0:49:2E:ED:E5:9B:04:5B:5B:E1:FD:4E:B9:16:1B:C4:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXJF0Eku7eWbBFtb4f1OuRYbxBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/S1XjTxghHPmFgDjPsq25cHofECk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/eed9ce-aef9-4fc9-8a4a-c442a18f1efc/1/OXJF0Eku7eWbBFtb4f1OuRYbxBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.208.0/22
Signature Algorithm: sha256WithRSAEncryption
17:9d:ea:a2:d6:4a:05:eb:cf:34:b3:23:d7:c0:50:d0:4e:cb:
0e:4c:07:8b:aa:ff:f9:d8:99:27:c4:74:9e:1a:87:7b:05:53:
e4:56:0f:18:04:9f:53:86:22:6d:33:05:59:41:c7:d7:c0:f4:
b4:00:5c:5a:b0:2c:25:c9:bc:c3:93:f6:ad:d3:37:19:ad:0b:
32:19:45:9e:72:18:62:ee:18:3a:cf:95:5f:a3:a8:43:58:db:
a3:06:0f:8b:7e:74:20:9a:43:07:cd:d1:0e:f7:22:f7:79:82:
e7:94:8e:81:d8:d9:dc:23:16:e7:45:68:ca:f6:56:1f:55:0e:
11:ad:34:96:13:25:9d:78:82:17:84:7f:95:72:90:1d:b8:98:
04:bd:02:14:8d:22:f2:11:6d:9d:4e:8b:ef:51:93:54:dd:76:
a7:cf:13:39:de:b3:53:76:2a:f7:10:e9:66:e8:32:76:3f:99:
be:fc:d0:79:a6:e8:f5:85:49:54:dd:54:cf:fe:ef:48:2f:22:
65:87:2a:f2:f6:11:3d:79:d0:4d:f9:95:a0:f3:4e:7e:02:dc:
32:e6:70:75:1b:89:d9:23:f9:d5:eb:69:d0:b2:be:ca:47:7a:
3a:7b:66:cc:94:77:da:62:27:32:70:7e:ec:67:98:ec:e3:08:
2b:a5:a4:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMBWAO0pn1upMudRS/DO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzI0NWQwNDkyZWVkZTU5YjA0NWI1YmUxZmQ0ZWI5MTYx
YmM0MTcwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU1ZTM0ZjE4MjExY2Y5ODU4MDM4Y2ZiMmFkYjk3MDdhMWYxMDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl91kZXv4424pYiE5+Rco1PXuf3It
GTahwlomt2fJZKlTCsNDUjZHXbyYJ9tPt7miZABQeCKqaeWjstvaoWy3hRNxBkSx
3K8qSO5atnMbmC6/Zc1XQ3YzirGTGeDmDB0KX8DMfmlsB8Qu0N4aWRs2Jo+86Sis
gXSe90S4/NIvZLVABjH2W3t+J7bfR9cZh4bpP+H92t1w39SVfNoNhMNILCFMMM27
8Nl8IheLou7B4k+5aoXI2J3z0EVFAFiPSwic6m2Oro2+qA0TBIv6GJQ9s8CNyVXx
RYn3WVDs+wvQExgEZbndi4vUh02gV9NbVNFasdwsNLe/NezPlXcLppMmLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtV408YIRz5hYA4z7KtuXB6HxApMB8GA1UdIwQY
MBaAFDlyRdBJLu3lmwRbW+H9TrkWG8QXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hKRjBFa3U3ZVdiQkZ0YjRmMU91UllieEJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lZWQ5Y2UtYWVmOS00ZmM5LThhNGEt
YzQ0MmExOGYxZWZjLzEvUzFYalR4Z2hIUG1GZ0RqUHNxMjVjSG9mRUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lZWQ5Y2UtYWVmOS00ZmM5LThhNGEtYzQ0MmExOGYxZWZj
LzEvT1hKRjBFa3U3ZVdiQkZ0YjRmMU91UllieEJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwYbQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXneqi1koF6880syPXwFDQTssOTAeLqv/52JknxHSe
God7BVPkVg8YBJ9ThiJtMwVZQcfXwPS0AFxasCwlybzDk/at0zcZrQsyGUWechhi
7hg6z5Vfo6hDWNujBg+LfnQgmkMHzdEO9yL3eYLnlI6B2NncIxbnRWjK9lYfVQ4R
rTSWEyWdeIIXhH+VcpAduJgEvQIUjSLyEW2dTovvUZNU3XanzxM53rNTdir3EOlm
6DJ2P5m+/NB5puj1hUlU3VTP/u9ILyJlhyry9hE9edBN+ZWg805+Atwy5nB1G4nZ
I/nV62nQsr7KR3o6e2bMlHfaYicycH7sZ5js4wgrpaRO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:44 2025 by rpki-client